IIS – Non-domain IIS server authenticating against the domain

Tags: active-directory, authentication, iis

I have an IIS server that is a stand alone server not on the domain.

So that users don't have to log in to a local user database, can I have the IIS server authenticate users against the domain controller, or at least have the user's login name passed through to the IIS application?

It can be assumed that users will trust the website.

Best Answer

I ran into a similar requirement when trying to figure out how to leverage Active Directory for BlogEngine.NET. After spending some time researching I was able to use Active Directory user accounts with the Basic Authentication .NET Membership framework.

This worked on my domain member web server but could easily work for non-domain member servers assuming you add the username and password to the configuration section of the web.config.

From my blog post about how to configure:

Add an entry into the <connectionStrings> section pointing to your domain controller.

<add name="ADConnectionString" connectionString="LDAP://server.domain.com/DC=domain,DC=com" />

Notice that the first part of the LDAP:// syntax specifies the name of the domain controller (server.domain.com). You have a couple of options here. You can specify the Fully Qualified Domain Name as shown in the example; you can specify the relativeDistinguishedName (ex. server); you can specify the IP address of the domain controller (ex. 192.168.1.10); or, for more redundancy, you can specify just the domain name (ex. domain.com).

Make your <membership> section look like the following:

<membership defaultProvider="MyADMembershipProvider">
  <providers>
    <!-- connectionStringName refers to the ADConnectionString entry added above -->
    <add name="MyADMembershipProvider"
         type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
         connectionStringName="ADConnectionString"
         attributeMapUsername="sAMAccountName"
         enableSearchMethods="true" />
  </providers>
</membership>

You will notice that I did not configure a username and password for connecting to Active Directory. That's because I am running BlogEngine on a domain member server and the IIS services are running under an application pool using the Network Service account. If you must use explicit credentials, then you can add connectionUsername and connectionPassword to the MyADMembershipProvider entry with the appropriate information.
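For the stand-alone server in the question, the app pool identity has no domain credentials, so the provider needs an explicit bind account. The following is a complete web.config put together as an added example (it is not from the answer or the blog post it cites); the domain corp.example.com, the service account CORP\svc-iisldap, the login page path and the assembly version are assumed placeholders to replace.

```xml
<?xml version="1.0"?>
<!-- Added example: web.config for a non-domain IIS server authenticating users
     against Active Directory. All names below are assumed placeholders. -->
<configuration>
  <connectionStrings>
    <!-- Pointing at the domain DNS name (not one DC) lets any DC answer the bind. -->
    <add name="ADConnectionString"
         connectionString="LDAP://corp.example.com/DC=corp,DC=example,DC=com" />
  </connectionStrings>

  <system.web>
    <!-- Forms auth: the login page posts username/password, and the membership
         provider validates them against AD. requireSSL keeps the auth cookie
         off plain HTTP. -->
    <authentication mode="Forms">
      <forms loginUrl="~/Login.aspx" name=".ASPXAUTH" timeout="30" requireSSL="true" />
    </authentication>

    <!-- Deny anonymous ("?") users; anyone the provider validated gets through. -->
    <authorization>
      <deny users="?" />
    </authorization>

    <membership defaultProvider="MyADMembershipProvider">
      <providers>
        <clear />
        <!-- Version=2.0.0.0 is the System.Web the answer used; on .NET 4.x the
             framework unifies it to 4.0.0.0, so either works. -->
        <add name="MyADMembershipProvider"
             type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
             connectionStringName="ADConnectionString"
             attributeMapUsername="sAMAccountName"
             enableSearchMethods="true"
             connectionProtection="Secure"
             connectionUsername="CORP\svc-iisldap"
             connectionPassword="REPLACE-ME-THEN-ENCRYPT-THIS-SECTION" />
      </providers>
    </membership>
  </system.web>
</configuration>
```

Two things to check before this goes live. First, the bind account only needs to read user objects, so give it an ordinary, unprivileged domain account rather than anything in an admin group, because connectionUsername and connectionPassword sit in cleartext in this file. Second, once the site works, encrypt the section that holds them with the framework's own tool, for example aspnet_regiis -pe "system.web/membership" -app "/MyApp" run from the .NET Framework directory (replace /MyApp with the site's application path); ASP.NET decrypts it transparently at runtime, and connectionProtection="Secure" (the provider's default) keeps the credential exchange with the DC off a cleartext channel.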
